How to install a DNSCurve forwarder

This page explains how to add DNSCurve protection to outgoing DNS data
published by your DNS server:
an "authoritative DNS server" such as tinydns
or PowerDNS Server or BIND or NSD or MaraDNS or Nominum ANS.
There is a
separate page
explaining the benefits of this protection.

You could upgrade your DNS server
to a DNS server that supports DNSCurve.
However, you can instead install a DNSCurve forwarder
without changing your DNS server.
A full-fledged DNSCurve forwarder named
CurveDNS
has been released by Harm van Tilborg
with the support of Jeroen Scheerder and Lieuwe Jan Koning at ON2IT Security.

There are five main steps in setting up a DNSCurve forwarder:

Install the forwarder on a new IP address.
If you install the forwarder on the same computer as your existing DNS server
then you need to put it on a different IP address from the existing DNS server.